Security
Denial of Service Prevention
271 Cisco Small Business 200 Series Smart Switch Administration Guide
17
• Authentication Method—Method by which the last session was
authenticated. The options are:
- None—No authentication is applied; it is automatically authorized.
- RADIUS—Supplicant was authenticated by a RADIUS server.
• MAC Address—Displays the supplicant MAC address.
Denial of Service Prevention
A Denial of Service (DoS) attack is a hacker attempt to make a device unavailable
to its users.
DoS attacks saturate the device with external communication requests, so that it
cannot respond to legitimate traffic. These attacks usually lead to a device CPU
overload.
Secure Core Technology (SCT)
One method of resisting DoS attacks employed by the device is the use of SCT.
SCT is enabled by default on the device and cannot be disabled.
The Cisco device is an advanced device that handles management traffic,
protocol traffic and snooping traffic, in addition to end-user (TCP) traffic.
SCT ensures that the device receives and processes management and protocol
traffic, no matter how much total traffic is received. This is done by rate-limiting
TCP traffic to the CPU.
There are no interactions with other features.
SCT can be monitored in the Denial of Service > Denial of Service Prevention >
Security Suite Settings page (Details button).
Types of DoS Attacks
A Denial of Service attack can be caused in the following ways (among others):
• TCP SYN Packets—A flood of TCP SYN packets, often with a false sender
address, can signify an attack. Each of these packets causes the device to
spawn a half-open connection, by sending back a TCP/SYN-ACK packet
(Acknowledge), and waiting for a packet in response from the sender
